The exchange claims the attackers used a variety of techniques, including phishing and viruses, to obtain a large number of user API keys, 2FA codes, and other info. The attack managed to circumvent Binance‘s security checks, but after noticing the strange activity, the exchange blocked all withdrawals.
“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that,” says official announcement.
Binance said the theft impacted its BTC hot wallet only, which contained about 2% of total BTC holdings.
The company will use its Secure Asset Fund for Users (SAFU) to cover the incident. The exchange created the fund in July 2018 as a type of emergency insurance. Binance allocates 10% of its total trading fees to finance SAFU.
